﻿/// <summary>
/// Auth class - manages user authentication, creation, deletion
/// </summary>
public static class Auth
{

    /* Authenticate users
    =====================*/

    public static bool Authenticate(string username, string password)
    {
        //select hash and salt from database where username = @username
        string  hash = "abcdefghigklmnopqrstuvwxyz0123456789",
                salt = "1234";

        //check if password is valid for this user
        if (Password.Hash(password, salt) == hash)
        {
            return true;
        }
        return false;
    }

    /* Create new user
    ==================*/

    public static bool CreateUser(string username, string password, int privilege)
    {
        //check if username exists
        //select count(*) from users where username = username
        int count = 0;

        if (count == 0)
        {
            //create salt
            string salt = System.Web.Security.Membership.GeneratePassword(3,3);
            //create hash
            string hash = Password.Hash(password, salt);

            /*
             * insert into database username, hash, salt, privilege
             */

            //if insert succeeded
            bool success = true;
            if (success)
            {
                return true;
            }
            else
            {
                return false;
            }
        }
        else
        {
            return false;
        }
    }

    /* Delete User
    ===============*/

    public static bool DeleteUser(int id)
    {
        /*
         * delete from user where id = id
         */
        bool success = true;
        if (success)
        {
            return true;
        }
        else
        {
            return false;
        }
    }
}